<?php
	require("include/includes.php");
	//require("include/getIP.php");
	
	//
	// --------------------------------- LOGIN -----------------------------------
	//
	
	// Valeurs initiales
	$valueNickname_login  	= postOrCustom('nickname', '');
	$valuePassword_login 	= postOrCustom('password', '');
	$errors = Array();
	
	/// --- VALIDATION DU FORMULAIRE ---
	if(isset($_POST['submit_login']) && !isset($_SESSION['user']))
	{
		/*if(!verifyCsrfToken())
		{
			$errors['csrf'] = 'Security token missing!';
		}
		else // CSRF ok */
		{
			$pid=Player::checkLogin($valueNickname_login, $valuePassword_login);
			if($pid===false)
			{
				$errors['badLogin'] = 'Invalid login or password';
				$_SESSION['badLogin'] = 'Invalid login or password';
				//$pid=1; //DEBUG
			}
			//var_dump($pid);
			//var_dump($errors);
			//var_dump($valueNickname_login);
			//var_dump($valuePassword_login);
			//die();
		}
		// Traitement des données (si aucune erreur)
		// Note: Si le joueur est banni, il PEUT se connecter, mais ne pourra pas faire d'action
		if(empty($errors))
		{
			$player = new Player($pid);
			$_SESSION['user'] = $player;
		}
		
		//var_dump($errors);
	}
	
	if(isset($_SERVER['HTTP_REFERER']))
	{
		header('Location: '.$_SERVER['HTTP_REFERER']); 
	}
	else
	{
		header('Location: index.php');
	}

?>